Can't access NextCloud jail on LAN

Status
Not open for further replies.

codyf51

Dabbler
Joined
Feb 11, 2017
Messages
24
Hello again,

Still working out the kinks on my new FreeNAS server. One of the issues is that I am unable to access my NextCloud jail on my internal Network. Below is a diagram of my network setup. I've got my NC jail running on a DMZ with port forwarding set up and I have no issues accessing next cloud externally. I know this is probably more of a networking question related to pfSense, but I didn't have much luck over on the pfSense forums. I feel like this should be a pretty common issue because I can't imagine anyone using nextcloud without the ability to access it internally. Yet, while I can find some forms on the matter I'm just not able to find a solution.

Public IP 159.***.***.192
^
^
-------- pfSense Firewall --------
* *
* *
LAN DMZ
10.0.1.1/24 172.16.0.1/24
* 10.0.1.2 _______ *
*--------------- | FreeNAS |------*
|. 9.10.2. | 172.0.16.2
----------- NextCloud Jail
LAN access. (Use for AFP
shares, PLEX and Admin GUI)


FreeNAS Build

Build FreeNAS-9.10.2-U1 (86c7ef5)
Platform Intel(R) Xeon(R) CPU E5-2670 0 @ 2.60GHz
Memory 65472MB
 

Jailer

Not strong, but bad
Joined
Sep 12, 2014
Messages
4,977
You're going to need a rule on LAN interface to allow access from your LAN to your DMZ.
 

Joshua Parker Ruehlig

Hall of Famer
Joined
Dec 5, 2011
Messages
5,949
do your for forward rules have NAT reflection enabled?
 

Joshua Parker Ruehlig

Hall of Famer
Joined
Dec 5, 2011
Messages
5,949
are your trying to access your jail using your WAN IP?
if so you should enable NAT reflection if you plan to access it from inside your network.
 

Joshua Parker Ruehlig

Hall of Famer
Joined
Dec 5, 2011
Messages
5,949
No, just the domain.
I'm not sure what that means.

in my network I access services using a public domain name, mapped to my WAN IP. I enable NAT Reflection "Pure NAT" and also make sure whatever subnet I access from has a rule allowing access to that IP:port
 

Joshua Parker Ruehlig

Hall of Famer
Joined
Dec 5, 2011
Messages
5,949
Would PureNAT work with the DMZ?
I might not be the best to comment on that. I don't use any features called DMZ. I do have a subnet I named that, but I define all NAT mappings/ rules myself.
 

codyf51

Dabbler
Joined
Feb 11, 2017
Messages
24
SOLVED! So PureNAT + Proxy was the solution. I did not think that this was working because it took several minutes to take effect. I am going to see if this is why PureNAT no proxy and DNS Forwarder didn't work. Thank you Joshua!
 

Joshua Parker Ruehlig

Hall of Famer
Joined
Dec 5, 2011
Messages
5,949
no prob, I have my setup working without the proxy, but different setups might require it.
 
Status
Not open for further replies.
Top